Peer-to-peer applications, also known as file-sharing applications, are a huge threat to security both in corporations and in the home. There are dozens of different types of file-sharing applications available, but most of them have some things in common. The basic premise is that they allow users to share a portion of their hard disk, and at the same time, they give users access to the shared hard drives of others who are running the software. While there are legitimate uses of peer-to-peer file sharing, it is primarily used to exchange copyrighted music and video.
Although millions of people use peer-to-peer applications, don't for a moment think these apps are above suspicion. They pose some very serious threats to your organization's security. Here are some of those threats:
- A number of peer-to-peer applications automatically install malware when the file-sharing application is installed.
- Peer to peer applications allow users to share a portion of their hard disk, but it is sometimes possible for users to accidentally share their entire hard disk, exposing sensitive information to the world in the process.
- If a file-sharing application is used to exchange copyrighted music or video, then having those types of files on the hard drives of company-owned computers could potentially expose the company to copyright infringement or, in the case of sexually explicit content, sexual harassment-related litigation.
- If users are sharing files, they are probably also downloading files from others. This exposes your network to malware threats.
- It isn't usually a security issue, but peer-to-peer applications rob your organization of Internet bandwidth.
Blocking peer-to-peer applications
Step 1: Blocking peer-to-peer applications
Step 2: Firewalls
Step 3: Application-level filters
Step 4: Software restriction with Group Policy
|ABOUT THE AUTHOR:|
| Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.
Copyright 2005 TechTarget